com.adobe.idp.um.spi.authentication
Interface AuthResponse

All Known Implementing Classes:
AuthResponseImpl

public interface AuthResponse

The AuthResponse interface defines a mechanism for an authentication provider to communicate authentication results to User Management. If the authentication provider successfully authenticates the user information, it should communicate the success to User Management along with the authenticated user name, the user domain, and the authentication type performed.

If the authentication provider cannot authenticate the user information, it should communicate the failure to User Management along with error information. User Management may log the error information.

See Also:
AuthProvider

Field Summary
static java.lang.String ASSERTION_LIFE
          The time in seconds for which the SPI wants LC to issue the assertion.
static java.lang.String AUTH_ERROR
          The constant that represents an error in authentication.
static java.lang.String AUTH_FAILED
          The constant that represents a failed authentication.
static java.lang.String AUTH_SUCCESS
          The constant that represents a successful authentication.
static java.lang.String AUTH_UNRESOLVED
          The constant that represents a successful authentication but failed Identity Resolution.
static java.lang.String CONTINUE
          A constant that indicates that current authentication flow is not complete and requires some more steps to complete.
 
Method Summary
 java.util.Map getAuthProviderSpecificTokens()
          Retrieves the tokens passed by the authentication provider.
 java.lang.String getAuthStatus()
          Retrieves the authentication results for this object.
 java.lang.String getAuthType()
          Retrieves the authentication type for this object.
 java.lang.String getDomain()
          Retrieves the domain for this AuthResponse object.
 java.lang.String getErrorMessage()
          Retrieves the error message for this object.
 java.util.List getExceptions()
          Retrieves the exceptions for this object.
 java.lang.String getIssuerCN()
          Retrieves the issuer's canonical name.
 java.lang.String getKerberosIntermediateTkt()
          This method is related to Kerberos authentication and is not useful to implementations of AuthProvider.
 java.lang.String getUsername()
          Retrieves the login identification for this object.
 boolean isEncryptionRequired()
          Determines whether the tokens need to be encypted.
 void setAuthProviderSpecificTokens(java.util.Map tokens)
          Sets the tokens passed by the authentication provider.
 void setAuthStatus(java.lang.String result)
          Sets the results of the authentication.
 void setAuthType(java.lang.String authType)
          Sets the type of authentication used.
 void setDomain(java.lang.String domain)
          Sets the domain associated with the authentication provider that performed the authentication.
 void setEncryptionRequired(boolean encryptionRequired)
          Sets whether the additional information returned by the authentication provider, in the form of string tokens, need to be encrypted before they become a part of the SAML assertion.
 void setErrorMessage(java.lang.String message)
          Sets an error message for this object.
 void setExceptions(java.util.List exceptions)
          Specifies exceptions that occurred during authentication.
 void setIssuerCN(java.lang.String issuerCN)
          Sets the issuer's canonical name.
 void setKerberosIntermediateTkt(java.lang.String tkt)
          This method is related to Kerberos authentication and should not be used.
 void setUsername(java.lang.String userName)
          Sets the login identification used for authentication.
 

Field Detail

AUTH_SUCCESS

static final java.lang.String AUTH_SUCCESS
The constant that represents a successful authentication.

See Also:
Constant Field Values

AUTH_FAILED

static final java.lang.String AUTH_FAILED
The constant that represents a failed authentication. It must be used when the AuthProvider can determine the user identity but finds the authentication related information invalid e.g. invalid password.

See Also:
Constant Field Values

AUTH_ERROR

static final java.lang.String AUTH_ERROR
The constant that represents an error in authentication. This is different from AuthResponse.AUTH_FAILED in a way that it should be used when AuthProvider gets an unexpected error.

See Also:
Constant Field Values

CONTINUE

static final java.lang.String CONTINUE
A constant that indicates that current authentication flow is not complete and requires some more steps to complete. This would typically be used in those authentication schemes which involve exchange of messages to complete authentication e.g. SAML based authentication

See Also:
Constant Field Values

AUTH_UNRESOLVED

static final java.lang.String AUTH_UNRESOLVED
The constant that represents a successful authentication but failed Identity Resolution. The credential data for unresolved user is stored in a List in credential map with key UMAuthenticationUtil.provisionedUserListKey.

See Also:
Constant Field Values

ASSERTION_LIFE

static final java.lang.String ASSERTION_LIFE
The time in seconds for which the SPI wants LC to issue the assertion. The value against this key should be a java.lang.Integer

See Also:
Constant Field Values
Method Detail

setExceptions

void setExceptions(java.util.List exceptions)
Specifies exceptions that occurred during authentication. User Management logs the provided exceptions.

Parameters:
exceptions - A java.util.List object that contains the exceptions.

getExceptions

java.util.List getExceptions()
Retrieves the exceptions for this object.

Returns:
A java.util.List object that contains the exceptions.

getAuthStatus

java.lang.String getAuthStatus()
Retrieves the authentication results for this object.

Returns:
A java.lang.String that contains the authentication result.
See Also:
AuthResponse.AUTH_SUCCESS, AuthResponse.AUTH_FAILED, AuthResponse.AUTH_ERROR, AuthResponse.CONTINUE

setAuthStatus

void setAuthStatus(java.lang.String result)
Sets the results of the authentication.

Parameters:
result - A java.lang.String that contains the authentication results. Use the below mentioned constants to set the required status
See Also:
AuthResponse.AUTH_SUCCESS, AuthResponse.AUTH_FAILED, AuthResponse.AUTH_ERROR, AuthResponse.CONTINUE

getErrorMessage

java.lang.String getErrorMessage()
Retrieves the error message for this object.

Returns:
A java.lang.String that contains the error message.

setErrorMessage

void setErrorMessage(java.lang.String message)
Sets an error message for this object. This message should indicate an error other than exceptions that occur during authentication. User Management logs the provided error message.

Parameters:
message - A java.lang.String that contains the error message. The maximum length of the message is 250 characters; errors can occur if greater lengths are used.
See Also:
#setExceptions()

getAuthType

java.lang.String getAuthType()
Retrieves the authentication type for this object.

Returns:
A java.lang.String that contains the authentication type.

setAuthType

void setAuthType(java.lang.String authType)
Sets the type of authentication used. The authentication type should be the type that was provided to the AuthProvider.authenticate() method.

Parameters:
authType - A java.lang.String that contains the authentication type.

getUsername

java.lang.String getUsername()
Retrieves the login identification for this object.

Returns:
A java.lang.String that contains the user name.

setUsername

void setUsername(java.lang.String userName)
Sets the login identification used for authentication. The user name should be the name that was provided to the AuthProvider.authenticate() method.

Parameters:
userName - A java.lang.String that contains the user name. The maximum length of the String you can use is 250 characters or errors can occur.

getDomain

java.lang.String getDomain()
Retrieves the domain for this AuthResponse object.

Returns:
A String that contains the domain.

setDomain

void setDomain(java.lang.String domain)
Sets the domain associated with the authentication provider that performed the authentication.

Parameters:
domain - A String that contains the domain. The maximum length of the string is 50 characters; errors can occur if greater lengths are used.
See Also:
AuthConfigBO.getDomainName()

getKerberosIntermediateTkt

java.lang.String getKerberosIntermediateTkt()
This method is related to Kerberos authentication and is not useful to implementations of AuthProvider.

Returns:
A java.lang.String containing the Kerberos intermediate ticket.

setKerberosIntermediateTkt

void setKerberosIntermediateTkt(java.lang.String tkt)
This method is related to Kerberos authentication and should not be used.

Parameters:
tkt - A java.lang.String containing the Kerberos intermediate ticket.

getIssuerCN

java.lang.String getIssuerCN()
Retrieves the issuer's canonical name.

Returns:
A java.lang.String containing the issuer's canonical name.

setIssuerCN

void setIssuerCN(java.lang.String issuerCN)
Sets the issuer's canonical name.

Parameters:
issuerCN - A java.lang.String containing the issuer's canonical name.

setAuthProviderSpecificTokens

void setAuthProviderSpecificTokens(java.util.Map tokens)
Sets the tokens passed by the authentication provider. The authentication provider may require that you return additional information that is needed as part of the assertion. The additional information is a list of string tokens in the AuthResponse.

Parameters:
tokenList - A java.util.List containing the list of string tokens.

getAuthProviderSpecificTokens

java.util.Map getAuthProviderSpecificTokens()
Retrieves the tokens passed by the authentication provider. The authentication provider may require that you return additional information that is needed as part of the assertion. The additional information is a list of string tokens in the AuthResponse.

Returns:
tokenList A java.util.List containing the list of string tokens.

isEncryptionRequired

boolean isEncryptionRequired()
Determines whether the tokens need to be encypted.

Returns:
true if the tokens need to be encrypted, false otherwise.

setEncryptionRequired

void setEncryptionRequired(boolean encryptionRequired)
Sets whether the additional information returned by the authentication provider, in the form of string tokens, need to be encrypted before they become a part of the SAML assertion.

Parameters:
encryptionRequired - true if the tokens need to be encrypted, false otherwise.